package com.futao.springsecuritylearn.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author ft
 * @date 2021/5/18
 */
@RestController
@RequestMapping("/test")
public class HelloController {

    @Secured("ROLE_admins")
    @PreAuthorize("hasAnyAuthority('admins')")
    @PostAuthorize("hasAnyAuthority('admins')")
    @GetMapping("/hello")
    public String hello() {
        return "hello SpringSecurity";
    }

    @RequestMapping("/index")
    public String index() {
        return "index page";
    }
}
